Building Injective Trapdoor Functions From Oblivious Transfer
نویسندگان
چکیده
Injective one-way trapdoor functions are one of the most fundamental cryptographic primitives. In this work we give a novel construction of injective trapdoor functions based on oblivious transfer for long strings. Our main result is to show that any 2-message statistically sender-private semihonest oblivious transfer (OT) for strings longer than the sender randomness implies the existence of injective one-way trapdoor functions. This is perhaps surprising given given the black box separation of injective one-way trapdoor functions from many common cryptographic protocols, e.g. IND-CCA encryption. As a tool for creating injective one-way trapdoor functions, we define a new notion of security for a public key encryption scheme called Randomness Dependent Message (RDM) security, and use it as a stepping stone for creating injective one-way trapdoor functions. Our main result has a number of interesting corollaries: • Applying the results of Mol and Yilek (PKC ’10), we also show that Lossy Encryption with long plaintexts implies correlated product secure functions and INDCCA secure encryption. • Applying the results of Kiltz, Mohassel and O’Neill (EUROCRYPT ’10), we have that Lossy Encryption with long plaintexts implies adaptive trapdoor functions. • Lossy encryption with long plaintexts implies a weak form of RDM security. In addition, Hemenway, Libert, Ostrovsky and Vergnaud (ePrint ’09) showed that statistically-hiding 2-round Oblivious Transfer (OT) is equivalent to Lossy Encryption, The reduction shows that if the sender uses randomness shorter than the message in the OT so does the sender in the Lossy Encryption. Thus, our main result also implies an injective one-way trapdoor function from any lossy encryption with short randomness. This is somewhat surprising since injective trapdoor functions are deterministic and, given the trapdoor, allow recovery of a complete inverse, while public-key encryptions are probabilistic and recover only the plaintext and not necessarily the randomness used in the encryption process. Our result corroborates the previous result of Bellare, Halevi, Sahai and Vadhan (CRYPTO ’98) showing that IND-CPA secure encryption implies injective one-way trapdoor functions in the random oracle model. We stress that in our work we do not make use of a random oracle.
منابع مشابه
Building Lossy Trapdoor Functions from Lossy Encryption
Injective one-way trapdoor functions are one of the most fundamental cryptographic primitives. In this work we show how to derandomize lossy encryption (with long messages) to obtain lossy trapdoor functions, and hence injective one-way trapdoor functions. Bellare, Halevi, Sahai and Vadhan (CRYPTO ’98) showed that if Enc is an IND-CPA secure cryptosystem, and H is a random oracle, then x 7→ Enc...
متن کاملReducing Complexity Assumptions for Oblivious Transfer
Reducing the minimum assumptions needed to construct various cryptographic primitives is an important and interesting task in theo retical cryptography Oblivious Transfer one of the most basic crypto graphic building blocks is also studied under this scenario Reducing the minimum assumptions for Oblivious Transfer seems not an easy task as there are a few impossibility results under black box r...
متن کاملEfficient Lossy Trapdoor Functions based on the Composite Residuosity Assumption
Lossy trapdoor functions (Peikert and Waters, STOC ’08) are an intriguing and powerful cryptographic primitive. Their main applications are simple and black-box constructions of chosen-ciphertext secure encryption, as well as collision-resistant hash functions and oblivious transfer. An appealing property of lossy trapdoor functions is the ability to realize them from a variety of number-theore...
متن کاملOn the Impossibility of Constructing Non-interactive Statistically-Secret Protocols from Any Trapdoor One-Way Function
We show that non-interactive statistically-secret bit commitment cannot be constructed from arbitrary black-box one-to-one trapdoor functions and thus from general public-key cryptosystems. Reducing the problems of non-interactive crypto-computing, rerandomizable encryption, and non-interactive statistically-sender-private oblivious transfer and low-communication private information retrieval t...
متن کاملRound-Optimal Secure Two-Party Computation from Trapdoor Permutations
In this work we continue the study on the round complexity of secure two-party computation with black-box simulation. Katz and Ostrovsky in CRYPTO 2004 showed a 5 (optimal) round construction assuming trapdoor permutations for the general case where both players receive the output. They also proved that their result is round optimal. This lower bound has been recently revisited by Garg et al. i...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Electronic Colloquium on Computational Complexity (ECCC)
دوره 17 شماره
صفحات -
تاریخ انتشار 2010